Thanks for the quick response Mark. I let the site owner know and he's now strangely pleased to be included in such high company as Nokia Canada ;p -----Original Message----- From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Mark Groen Sent: 02 February 2007 14:50 To: thelist at lists.evolt.org Subject: [Spam] Re: [thelist] Hacked by kerem125 On Friday 02 February 2007 06:36, Chris Dempsey wrote: > Hey all, > > We got a call today about a website which belongs to a company that one of > our guys is a Director of. The site is handled entirely by another company > but as our guy is on holiday and can't help I took a quick look at it. > > Domain in question is www.inandaboutayrshire.com and it now redirects to > http://killit.us/kerem.htm > > A Google search for kerem125 reveals several sites that have been spidered > as having been hacked by the same group but have now been restored to the > correct site. He's not as busy as someone like cwings, but working at it. Even higher profile sites like the Nokia Canada site (day before yeterday(?), it gut Dugg and essentially that turned it into something like a drive-by DDOS) are vulnerable through the code that the public interfaces with the back end through. Forms, search queries, customer log-ins, basically anywhere that there is a ? in the URL is going to be checked out by hackers sooner or later. Here's where one of the "clubs" reside, and your person's current record: http://www.zone-h.org/component/option,com_attacks/Itemid,43/filter_defacer, kerem125 If you go to any of the types of web sites as linked above, with IE, please have activeX "off" or the "prompt" setting and if you're prompted for ActiveX, say no, you've been warned. -- cheers, mark -- * * Please support the community that supports you. * * http://evolt.org/help_support_evolt/ For unsubscribe and other options, including the Tip Harvester and archives of thelist go to: http://lists.evolt.org Workers of the Web, evolt !